[Dovecot] Dovecot 2.0beta3: Auth master process is now running as default_internal_user

Thomas Leuxner tlx at leuxner.net
Tue Mar 16 22:45:48 EET 2010


On 16.03.2010 at 20:57, Timo Sirainen wrote:
>> [20:27] root spectre:/var/vmail/conf.d# l
>> drwxr-x--- 4 dovecot vmail 4096 2010-03-14 17:40 leuxner.net
> ..
>> drwx------ 2 vmail   vmail 4096 2010-03-14 13:09 acls
> 
> Why does vmail own any of these files? Dovecot accesses them only via
> dovecot-auth. Do you have something else that needs to read/write them
> as vmail?
> 
> I think the best solutions are (in order):
> 
> 1) Create a new doveauth user that has read (but no write) access to the
> files. Use doveauth for auth process.
> 
> 2) Use root user for files and auth process.
> 
> 3) Use dovecot user for files and auth process.

Right, if I'd like to go with 1), where would I put the 'doveauth' user in the config to have 'passwd' read with it? Looks like it is still using 'dovecot' by default:

service auth {
  unix_listener auth-userdb {
    mode = 0600
    user = doveauth
  }
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
}

service auth-worker {
  unix_listener auth-worker {
    mode = 0600
    user = doveauth
  }
}

The reason 'vmail' is the group owner of the 'sieve' and 'acl' subdirs was the idea to have all config stored under the 'domain.tld' folder. The LMTP Service will access this folder with the user permissions.

Regards
Thomas
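
An added example, not part of the original message or of Dovecot: a small audit of the two `ls -l` lines quoted above against option 1 (the auth user can read but not write). The group memberships passed to `audit()` are assumptions for illustration; root's permission bypass and POSIX ACLs are not modelled.

```python
# Constructed sample: the two `ls -l` lines quoted in the thread.
LISTING = """\
drwxr-x--- 4 dovecot vmail 4096 2010-03-14 17:40 leuxner.net
drwx------ 2 vmail   vmail 4096 2010-03-14 13:09 acls
"""

def parse_ls(listing):
    """Yield (name, mode_string, owner, group) for each `ls -l` line."""
    for line in listing.splitlines():
        fields = line.split(None, 7)  # mode links owner group size date time name
        if len(fields) == 8:
            yield fields[7], fields[0], fields[2], fields[3]

def access(mode, owner, group, user, groups):
    """Return the rwx triplet that applies to `user`.

    POSIX picks exactly one class: owner first, then group, then other.
    An owner with fewer bits than the group does not fall through.
    """
    if user == owner:
        return mode[1:4]
    if group in groups:
        return mode[4:7]
    return mode[7:10]

def audit(listing, user, groups):
    """Classify each entry for `user`: 'writable', 'unreadable' or 'ok'.

    'ok' means read access without write access; directories also need
    the search (x) bit to be usable.
    """
    findings = {}
    for name, mode, owner, group in parse_ls(listing):
        bits = access(mode, owner, group, user, groups)
        is_dir = mode.startswith("d")
        if "w" in bits:
            findings[name] = "writable"
        elif "r" not in bits or (is_dir and "x" not in bits):
            findings[name] = "unreadable"
        else:
            findings[name] = "ok"
    return findings

if __name__ == "__main__":
    # Hypothetical memberships: doveauth added to the vmail group.
    for user, groups in (("dovecot", {"dovecot"}), ("doveauth", {"doveauth", "vmail"})):
        print(user, audit(LISTING, user, groups))
```

With the listing as posted, `dovecot` owns `leuxner.net` and can write to it, while a `doveauth` user placed in the `vmail` group would get read-only access there but no access to `acls`.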


